DES (Digital Exchange Service) Hosting Requirements

The purpose of this article will to provide introduction to hosting requirements for DES, used as middleware for CloudVirga iMP communication with Ellie Mae Encompass LOS. This article will cover the following topics

DES Logging DB – Database containing logging and auditing data for DES service. This is transient data used primarily for troubleshooting, statistical and performance analysis and is usually transient.

Authorization Server – Optional component used in combination with REST interface for DES Service. It can be replaced with other OWIN OAuth 2.0 compatible authorization server.

Hosts for DES Service need to have Encompass SDK installed, matching the version of target Encompass environment.

Network Requirements

DES service has two possible interfaces it exposes to clients. One or both interfaces must be available to iMP to communicate with DES service.

REST Interface

Rest interface is standard HTTPS REST endpoint exposed to consumers by DES Service. It is a recommended way of exposing DES Service to iMP.

It is typically hosted on standard HTTPS TCP 443, but TCP port can be changed as needed. This implementation relies on usage of OWIN OAuth 2.0 Authorization Server in combination with HTTPS transport layer security. This implementation can optionally be turned off in case security is handled by external components/layers in front of DES service.

WCF Interface

WCF interface consists of two WCF services with separate base URLs. For clients internal to DES Service (intranet clients) this is typically set up as a pair of standard NetTcpBinding bindings on tcp ports 60052 and 60054. These are just reference ports and can be changed as needed.

For external clients (internet scenario) these bindings are typically configured as WsHttpBinding with standard Transport security combined with basic or client certificate authentication.

Scalability

DES Service can be scaled horizontally using multiple instances of service behind standard load balancers sharing single backend SQL server and configuration.

Depending on types of interfaces being exposed (REST or WCF, NetTcpBinding or WsHttpBinding) and type of load balancer used, configurations of load balancers may slightly vary so these are handled on case by case basis.

Availability

It is recommended to host several instances of DES Service to ensure High Availability as well as enable rolling upgrades of service with no outage. Service is implemented in such way that it supports rolling deployment or blue-green deployment scenarios.

Authorization Server

Default implementation of Authorization server is hosted within DES service itself. Service can be configured to use compatible external authorization server.

Additionally, usage of Authorization server by DES service can be disabled using configuration. This is useful mostly in cases where it is deemed not required to perform authorization of service calls themselves. This is mostly the case for internal hosting where strict security is implemented on infrastructure level, and/or for hosting where service is exposed through third party solutions such as API management solutions that handle security for service calls.

More details on implementation of external Authorization Server will be provided in separate document.

SQL Server

Databases used for DES Service – Configuration, Logging and Authorization are Microsoft SQL Server databases. Recommended version of MSSSQL is SQL Server 2016 Standard edition.

High Availability

Setting up MSSQL in one of standard High Availability models is recommended for production to ensure service availability.

For more details please consult Microsoft SQL Server documentation on High Availability solutions, for example:

Deployment instructions

This section of document outlines basic steps for deployment of DES service to individual server.

Service Deployment

DES Service MSI is intended for silent deployment using set of parameters provided in command line. For convenience, PowerShell script with script configuration file will be provided in package along with instructions for setting up parameter files per environment.

Database Deployment

Database deployment can be performed either using database MSI, or manually by deploying Data-tier Application Component Packages to SQL server. Database MSI is deployed in similar way to DES Service MSI, using provided PowerShell script and appropriate configuration file for silent install.

Manual deployment can be done using one of several standard methods, from command line, PowerShell, SQL Server Management Studio etc. Documentation for these methods is provided by Microsoft and available online.